I use social-auth-app-django for my django website. Login all works, but after the token expires. I cant access the google's user data anymore. I found how to refresh the token, but it gives
File "/mnt/s/github/nascentapp/app/booking/management/commands/sendmail.py", line 17, in handle
new_token = self.get_token(user=booking_user, provider='google-oauth2')
File "/mnt/s/github/nascentapp/app/booking/management/commands/sendmail.py", line 28, in get_token
social.refresh_token(strategy)
File "/home/sander/.local/share/virtualenvs/app-YMrBBUv3/lib/python3.6/site-packages/social_core/storage.py", line 58, in refresh_token
response = backend.refresh_token(token, *args, **kwargs)
File "/home/sander/.local/share/virtualenvs/app-YMrBBUv3/lib/python3.6/site-packages/social_core/backends/oauth.py", line 438, in refresh_token
request = self.request(url, **request_args)
File "/home/sander/.local/share/virtualenvs/app-YMrBBUv3/lib/python3.6/site-packages/social_core/backends/base.py", line 234, in request
response.raise_for_status()
File "/home/sander/.local/share/virtualenvs/app-YMrBBUv3/lib/python3.6/site-packages/requests/models.py", line 941, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://accounts.google.com/o/oauth2/token
Here is some of my code
def get_token(self, user, provider):
social = user.social_auth.get(provider=provider)
print('This is social of user: ', social)
if (social.extra_data['auth_time'] + social.extra_data['expires']) <= int(time.time()):
print('\n Token is out of date \n')
strategy = load_strategy()
social.refresh_token(strategy)
return social.extra_data['access_token']
in my settings file:
AUTHENTICATION_BACKENDS = (
'social_core.backends.open_id.OpenIdAuth', # for Google authentication
'social_core.backends.google.GoogleOpenId', # for Google authentication
'social_core.backends.google.GoogleOAuth2', # for Google authentication
'django.contrib.auth.backends.ModelBackend',
)
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = os.environ.get('DJANGO_SOCIAL_AUTH_GOOGLE_OAUTH2_KEY') # Paste CLient Key
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = os.environ.get('DJANGO_SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET') # Paste Secret Key
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [
'https://www.googleapis.com/auth/calendar.readonly',
'https://www.googleapis.com/auth/calendar.events'
]
Fixed it by adding this:
SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS = {
'access_type': 'offline',
'approval_prompt': 'auto'
}
If the user already registered, you need to force the prompt first time (otherwhise you dont get the refresh token)
/login/google-oauth2?approval_prompt=force